Ransom:Win32/Jaffrans.A!rsm removal instruction

The Ransom:Win32/Jaffrans.A!rsm is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ransom:Win32/Jaffrans.A!rsm virus can do?

A process attempted to delay the analysis task.
Installs itself for autorun at Windows startup
Exhibits possible ransomware file modification behavior
Writes a potential ransom message to disk
Anomalous binary characteristics

How to determine Ransom:Win32/Jaffrans.A!rsm?


File Info:
crc32: 7F7AC267
md5: 84482cc85997f867c29ac9230faa772e
name: 84482CC85997F867C29AC9230FAA772E.mlw
sha1: 9ad853f5ba563d02f75210b3c1f0e1646a77cb93
sha256: 8eb13654d920c9c752a87ce9b7bba37664df94fe199cda519e773f4840670af1
sha512: 11dfc575801f58c5eba3c6091c0c7c3276496d00e715614bf0ed1af6ee32622b97f3d52117a9e15f99c60eee1b559094d8f95c9b4f994afc440f1bb3c57bd189
ssdeep: 768:iBDAwqyUe1OpV/h7pB2M+Uwsf6NewJpPcblA:iB0Tb5V57pDwsf6NeEPq
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Ransom:Win32/Jaffrans.A!rsm also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 0050e87d1 )
Elastic	malicious (high confidence)
DrWeb	Trojan.Encoder.11823
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Ransom.JaffCrypt.2
Cylance	Unsafe
Zillya	Trojan.Jaff.Win32.10
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Ransom:Win32/generic.ali2000010
K7GW	Trojan ( 0050e87d1 )
Cybereason	malicious.85997f
Cyren	W32/RansomJaff.B.gen!Eldorado
Symantec	Ransom.Jaff
ESET-NOD32	Win32/Filecoder.Jaff.B
APEX	Malicious
Avast	Win32:Filecoder-AX [Trj]
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Ransom.JaffCrypt.2
NANO-Antivirus	Trojan.Win32.Crypren.epgeuc
MicroWorld-eScan	Gen:Variant.Ransom.JaffCrypt.2
Tencent	Win32.Trojan.Raas.Auto
Ad-Aware	Gen:Variant.Ransom.JaffCrypt.2
Sophos	ML/PE-A + Mal/EncPk-OJ
Comodo	Malware@#2acpnt5ylze1e
BitDefenderTheta	Gen:NN.ZexaF.34608.duX@aWva2Sci
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Emotet.qm
FireEye	Generic.mg.84482cc85997f867
Emsisoft	Gen:Variant.Ransom.JaffCrypt.2 (B)
SentinelOne	Static AI – Malicious PE
Avira	TR/Crypt.XPACK.Gen
Microsoft	Ransom:Win32/Jaffrans.A!rsm
Arcabit	Trojan.Ransom.JaffCrypt.2
AegisLab	Trojan.Win32.Jaff.j!c
GData	Gen:Variant.Ransom.JaffCrypt.2
AhnLab-V3	Trojan/Win32.JaffCrypto.C1953385
McAfee	GenericRXCC-WE!84482CC85997
MAX	malware (ai score=82)
VBA32	Trojan-Ransom.Jaff
Malwarebytes	Malware.AI.1532521461
Panda	Trj/CI.A
Rising	Ransom.Jaffrans!8.E7AB (CLOUD)
Yandex	Trojan.GenAsa!ozc+fdj5DOI
Ikarus	Trojan-Ransom.Jaff
Fortinet	W32/Jaff.B!tr.ransom
AVG	Win32:Filecoder-AX [Trj]
Paloalto	generic.ml
Qihoo-360	Win32/Ransom.Filecoder.HxQBMjoA

How to remove Ransom:Win32/Jaffrans.A!rsm?

Ransom:Win32/Jaffrans.A!rsm removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X